Vasileios Kemerlis<p>📢 Last week, Brown Secure Systems Lab (SSL, <a href="https://gitlab.com/brown-ssl/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">gitlab.com/brown-ssl/</span><span class="invisible"></span></a>) was at the IEEE Symposium on Security and Privacy (S&P) 2025, where we presented our latest work on hardening OS kernels against attacks that (ab)use heap-based memory-safety vulnerabilities. <a href="https://infosec.exchange/tags/IUBIK" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IUBIK</span></a> leverages memory tagging (MTE) and pointer authentication (PA), available in <a href="https://infosec.exchange/tags/ARM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ARM</span></a> CPUs, to efficiently and effectively isolate attacker-controlled input from security-critical data in the kernel heap.</p><p>👏 Kudos to Marius Momeu (leading author) who did a terrific job presenting our paper -- joint work with Alexander Gaidis (Brown University) and Jasper von der Heidt (Technical University of Munich).</p><p>✳️ Paper: <a href="https://cs.brown.edu/~vpk/papers/iubik.sp25.pdf" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cs.brown.edu/~vpk/papers/iubik</span><span class="invisible">.sp25.pdf</span></a> </p><p>💾 Code: <a href="https://github.com/tum-itsec/iubik" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/tum-itsec/iubik</span><span class="invisible"></span></a> (coming soon)</p><p><a href="https://infosec.exchange/tags/iubik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>iubik</span></a> <a href="https://infosec.exchange/tags/mte" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mte</span></a> <a href="https://infosec.exchange/tags/pac" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pac</span></a> <a href="https://infosec.exchange/tags/acm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>acm</span></a> <a href="https://infosec.exchange/tags/brownssl" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>brownssl</span></a> <a href="https://infosec.exchange/tags/browncs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>browncs</span></a> <a href="https://infosec.exchange/tags/ieeesp2025" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ieeesp2025</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
techhub.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A hub primarily for passionate technologists, but everyone is welcome
Administered by:
Server stats:
4.8Kactive users
techhub.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.8
#browncs
0 posts · 0 participants · 0 posts today
Greg Lloyd<p>See the return of Brown Sciences Library Tetris</p><p>“Tetris, Snake, Pong, and other retro classics on the ScilLi. </p><p>Partial Showcase (Floors 5-11)<br>• Wednesday 5/14 @ 10:00pm EDT<br>• Thursday 5/15 @ 10:00pm EDT</p><p>Full Showcase (Floors 3-13)<br>° Convocation Week - Time TBD</p><p>This is probably the last time this event will run, so make sure to see it before it's gone!!”</p><p>Instagram: scilibtetris</p><p><a href="https://federate.social/tags/tetris" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tetris</span></a> <a href="https://federate.social/tags/browncs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>browncs</span></a> <a href="https://federate.social/tags/ProvidenceRI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ProvidenceRI</span></a></p>
Vasileios Kemerlis<p>As we welcome 2025, I'd like to take a moment to reflect on what an extraordinary year 2024 has been for Brown CS Secure Systems Lab (<a href="https://gitlab.com/brown-ssl/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">gitlab.com/brown-ssl/</span><span class="invisible"></span></a>). It has been a year of innovation, creativity, and growth—both for the lab and for me personally as its director. Witnessing the passion, dedication, and brilliance of our team—Neophytos Christou, Alexander Gaidis, Marius Momeu, <span class="h-card" translate="no"><a href="https://mastodon.social/@dijin" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>dijin</span></a></span>, and Vaggelis Atlidakis—has been truly fulfilling and inspiring!</p><p>In 2024, we tackled complex challenges and made significant strides in advancing our research on software hardening and OS kernel protection. Here are some highlights from this remarkable year:</p><p>✳️ Marius Momeu presented <a href="https://infosec.exchange/tags/SafeSlab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SafeSlab</span></a> at <span class="h-card" translate="no"><a href="https://mastodon.acm.org/@acm_ccs" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>acm_ccs</span></a></span> <a href="https://infosec.exchange/tags/CCS2024" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CCS2024</span></a>. Safeslab hardens the Linux SLUB allocator against exploits that abuse use-after-free (<a href="https://infosec.exchange/tags/UaF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UaF</span></a>) vulnerabilities, using <a href="https://infosec.exchange/tags/Intel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Intel</span></a> <a href="https://infosec.exchange/tags/MPK" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MPK</span></a>. (Joint work with Technical University of Munich and <span class="h-card" translate="no"><a href="https://infosec.exchange/@mikepo" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>mikepo</span></a></span>.)<br>📄 <a href="https://cs.brown.edu/~vpk/papers/safeslab.ccs24.pdf" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cs.brown.edu/~vpk/papers/safes</span><span class="invisible">lab.ccs24.pdf</span></a><br>💾 <a href="https://github.com/tum-itsec/safeslab" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/tum-itsec/safeslab</span><span class="invisible"></span></a></p><p>✳️ Neophytos Christou presented <a href="https://infosec.exchange/tags/Eclipse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Eclipse</span></a> at <span class="h-card" translate="no"><a href="https://mastodon.acm.org/@acm_ccs" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>acm_ccs</span></a></span> <a href="https://infosec.exchange/tags/CCS2024" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CCS2024</span></a>. Eclipse is a compiler-assisted framework that propagates artificial data dependencies onto sensitive data, preventing the CPU from using attacker-controlled input during speculative execution.<br>📄 <a href="https://cs.brown.edu/~vpk/papers/eclipse.ccs24.pdf" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cs.brown.edu/~vpk/papers/eclip</span><span class="invisible">se.ccs24.pdf</span></a><br>💾 <a href="https://gitlab.com/brown-ssl/eclipse" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">gitlab.com/brown-ssl/eclipse</span><span class="invisible"></span></a></p><p>✳️ Di Jin presented <a href="https://infosec.exchange/tags/BeeBox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BeeBox</span></a> at the <span class="h-card" translate="no"><a href="https://infosec.exchange/@usenixassociation" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>usenixassociation</span></a></span> Security Symposium 2024. BeeBox hardens <a href="https://infosec.exchange/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Linux</span></a> BPF/eBPF against transient execution attacks. <a href="https://infosec.exchange/tags/usesec24" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>usesec24</span></a><br>📄 <a href="https://cs.brown.edu/~vpk/papers/beebox.sec24.pdf" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cs.brown.edu/~vpk/papers/beebo</span><span class="invisible">x.sec24.pdf</span></a><br>💾 <a href="https://gitlab.com/brown-ssl/beebox" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">gitlab.com/brown-ssl/beebox</span><span class="invisible"></span></a></p><p>✳️ Yaniv David presented <a href="https://infosec.exchange/tags/Quack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Quack</span></a> at the NDSS Symposium 2024. Quack hardens PHP code against deserialization attacks using a novel (static) duck typing-based approach. (Joint work with Andreas D Kellas and Junfeng Yang.) <a href="https://infosec.exchange/tags/NDSSsymposium2024" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NDSSsymposium2024</span></a><br>📄 <a href="https://cs.brown.edu/~vpk/papers/quack.ndss24.pdf" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cs.brown.edu/~vpk/papers/quack</span><span class="invisible">.ndss24.pdf</span></a><br>💾 <a href="https://github.com/columbia/quack" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/columbia/quack</span><span class="invisible"></span></a></p><p>✳️ Marius Momeu presented <a href="https://infosec.exchange/tags/ISLAB" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ISLAB</span></a> at <span class="h-card" translate="no"><a href="https://mastodon.acm.org/@ACM" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>ACM</span></a></span> <a href="https://infosec.exchange/tags/ASIACCS24" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ASIACCS24</span></a>. ISLAB hardens SLAB-based (kernel) allocators, against memory errors, via SMAP-assisted isolation. (Joint work with Technical University of Munich and <span class="h-card" translate="no"><a href="https://infosec.exchange/@mikepo" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>mikepo</span></a></span>.) <a href="https://infosec.exchange/tags/asiaccs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>asiaccs</span></a><br>📄 <a href="https://cs.brown.edu/~vpk/papers/islab.asiaccs24.pdf" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cs.brown.edu/~vpk/papers/islab</span><span class="invisible">.asiaccs24.pdf</span></a><br>💾 <a href="https://github.com/tum-itsec/islab" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/tum-itsec/islab</span><span class="invisible"></span></a></p><p>🏆 <a href="https://infosec.exchange/tags/EPF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>EPF</span></a> (presented by Di Jin at <span class="h-card" translate="no"><a href="https://infosec.exchange/@usenixassociation" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>usenixassociation</span></a></span> <a href="https://infosec.exchange/tags/ATC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ATC</span></a> 2023) was the runner-up for the "Bug of the Year" award ("Weirdest Machine" category) at IEEE Symposium on Security and Privacy LangSec (Language-Theoretic Security) workshop 2024! <a href="https://infosec.exchange/tags/atc23" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>atc23</span></a> <a href="https://infosec.exchange/tags/LangSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LangSec</span></a><br>⌨️ <a href="https://langsec.org/spw24/bugs-of-the-year-awards.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">langsec.org/spw24/bugs-of-the-</span><span class="invisible">year-awards.html</span></a><br>📄 <a href="https://cs.brown.edu/~vpk/papers/epf.atc23.pdf" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cs.brown.edu/~vpk/papers/epf.a</span><span class="invisible">tc23.pdf</span></a><br>💾 <a href="https://gitlab.com/brown-ssl/epf" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">gitlab.com/brown-ssl/epf</span><span class="invisible"></span></a></p><p>🏅 I am honored and delighted to have received the "Distinguished Reviewer Award" at <span class="h-card" translate="no"><a href="https://mastodon.acm.org/@acm_ccs" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>acm_ccs</span></a></span> <a href="https://infosec.exchange/tags/CCS2024" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CCS2024</span></a>!</p><p>🏅Alexander Gaidis has been awarded the "Distinguished Artifact Reviewer" award at the <span class="h-card" translate="no"><a href="https://infosec.exchange/@usenixassociation" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>usenixassociation</span></a></span> Security Symposium 2024!<br><a href="https://cs.brown.edu/news/2024/09/20/brown-cs-phd-student-alexander-j-gaidis-has-been-named-a-usenix-security-2024-distinguished-artifact-reviewer/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cs.brown.edu/news/2024/09/20/b</span><span class="invisible">rown-cs-phd-student-alexander-j-gaidis-has-been-named-a-usenix-security-2024-distinguished-artifact-reviewer/</span></a><br><a href="https://infosec.exchange/tags/usesec24" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>usesec24</span></a> <a href="https://infosec.exchange/tags/proudadvisor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>proudadvisor</span></a></p><p>📢 I had the great pleasure of discussing some of these works recently at the Computer Systems Seminar at Boston University!<br>📽️ <a href="https://www.bu.edu/rhcollab/events/bu-systems-bu%E2%99%BAs-seminar/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bu.edu/rhcollab/events/bu-syst</span><span class="invisible">ems-bu%E2%99%BAs-seminar/</span></a></p><p><a href="https://infosec.exchange/tags/brownssl" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>brownssl</span></a> <a href="https://infosec.exchange/tags/browncs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>browncs</span></a> 🚀</p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload